Skip to main content



The health and safety of our colleagues and candidates for employment are our highest priority. Accordingly, Citi continues to monitor the COVID-19 situation closely. We have implemented precautionary measures across our firm globally, including conducting all candidate interviews virtually on a temporary basis until further notice where needed.

Cyber Risk Threat and Crisis Management SVP / C14

Job Req ID 22567876 Location(s) New York, New York; Washington, DC; Jacksonville, Florida; Tampa, Florida; Irving, Texas Job Category Risk Management
Apply Now

Background / Context:

This individual contributor role sits in Citi’s second line of defense (2LoD) – Risk \ Operational Risk Management (ORM) \ Technical Cyber Risk Office \ Enterprise Technical Cyber Risk Team \ Cyber Risk Threat and Crisis Management Team (CRTCM). 

ORM consists of experienced professionals who provide subject matter expertise (SME) to objectively evaluate, independently oversee, and constructively advise first line of defense (1LoD) teams, governance, processes, and controls. 

Focusing on the operational / “run” aspects of 1LoD operations, CRTCM serves as an authoritative body for providing independent review and assurance of 1LoD security operations, including threat intelligence, cyber / technical incident and crisis management, insider threat operations, cyber exercising / awareness.  In collaboration with sister teams focused on the architecture and engineering / “build” aspects of 1LoD operations, CRTCM informs security architecture / engineering / dev ops. 

Our mission is to drive comprehensive, consistent, efficient, and effective practices that identify, measure, monitor, report, and manage operational risks across the cyber domains.  CRTCM recommends remediation of root causes and contributing factors to mitigate operational losses as well as to shift from people led- to process driven-programs. 

This role will support an expansion of existing, 2LoD cyber and technology incident defense and response assessment and advancement activities.  Doing so will enhance Citi’s efforts to mitigate client harm as well as impact to its reputation, operations, and regulatory / legal / financial standing, in line with Citi leadership and regulatory intent.

Key responsibilities:

  • Deliver both as an individual contributor and as a team lead for independent, 2LoD reviews of 1LoD activities, requiring planning, interviewing, documentary and metric review, thematic analysis, risk-based prioritization, report drafting, editing, briefing, negotiation and stakeholder engagement, and self- / team-management

  • Interpret and leverage data analytics of 1LoD qualitative and quantitative reporting (e.g., threat intelligence, cyber SIRTs, technology MIMs, fraud and loss capture system reports, etc.)

  • Assess metric / key indicator definitions and their effectiveness to identify cyber / technical risk themes, systemic security risks, insufficient controls, and gaps

  • Influence 1LoD remediation plan designs and assure their thorough implementations

  • Build, nurture, and leverage personal relationships across the three lines of defense

  • Serve as a cyber risk SME for CCAR scenarios and other scenario / exercise / training efforts

  • Provide input into ORM’s methodology and deliverables to strengthen our approach and impact (ex., internal governance documentation, cross-functional engagement management, etc.)

  • Provide inputs to and/or draft regulatory responses and internal reporting

  • Assess changes to the regulatory, emerging technology, and threat landscapes, communicating assessments to leadership through briefings, threat bulletins, or position papers

  • Provide and engage 360 feedback

Desired Experience:

  • Diverse experience (10+ years) with cyber and technology operations (ex., CISO / SOC operations, incident management, red team, vulnerability assessment, cyber exercises, data loss prevention, etc.)

    • DevSecOps + SecInfra

    • Vulnerability assessment and management

    • Configuration management

    • Secure system maintenance and protective technology

    • Cyber resilience + internal / external dependencies (preferred)

    • Mix of financial services sector and consultancy experience (preferred)

    • Relevant certifications (CISSP, CISM, or equivalent) (strongly preferred)

  • Risk assessments, controls design and testing, as well as corrective action planning

  • Experience working with industry standards and regulations (Financial Services Sector Cybersecurity Profile, ATT&CK, ISO, NIST, PCI-DSS, etc.)

  • Experiencing writing for, interfacing with, and influencing senior stakeholders

  • Technical proficiency in MS Office


Job Family Group:

Risk Management


Job Family:

Operational Risk


Time Type:

Full time


Primary Location:

New York New York United States


Primary Location Salary Range:

$164,310.00 - $246,460.00


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting


Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.

Apply Now
  • Join our team
    of 220,000+
    strong diverse employees

  • Socially minded employees volunteering in communities across 90 countries

  • Meaningful career opportunities thanks to a physical presence in over 95 markets

We foster a culture that embraces all individuals and encourages diverse perspectives, where you can make an impact and grow your career. At Citi, we value colleagues that demonstrate high professional standards, a strong sense of integrity and generosity, intellectual curiosity, and rigor. We recognize the importance of owning your career, with the commitment that if you do, we promise to meet you more than half way.

Saved Jobs

You have no saved jobs

Previously Viewed Jobs

You have no viewed jobs